Class: Aikido::Zen::Request::Schema

Inherits:

Object

• Object
• Aikido::Zen::Request::Schema

Defined in:

lib/aikido/zen/request/schema.rb,
lib/aikido/zen/request/schema/builder.rb,
lib/aikido/zen/request/schema/definition.rb,
lib/aikido/zen/request/schema/auth_schemas.rb,
lib/aikido/zen/request/schema/empty_schema.rb,
lib/aikido/zen/request/schema/auth_discovery.rb

Overview

Defines the shape of a request received by your application as seen by Zen. This is used to understand how requests are made against your app, so dynamic security testing on your API endpoints can take place.

See Also:

• Config#api_schema_collection_enabled?

Defined Under Namespace

Classes: AuthDiscovery, AuthSchemas, Builder, Definition

Instance Attribute Summary

• #auth_schema ⇒ Aikido::Zen::Request::Schema::AuthSchemas readonly
• #body_schema ⇒ Aikido::Zen::Request::Schema::Definition readonly
• #content_type ⇒ Symbol^? readonly

  An identifier for the Content-Type header of the request, if sent.

• #query_schema ⇒ Aikido::Zen::Request::Schema::Definition readonly

Class Method Summary

• .build(context = Aikido::Zen.current_context) ⇒ Aikido::Zen::Request::Schema^?

  Extracts the request information from the current Context (if configured) and builds a Schema out of it.

• .from_json(data) ⇒ Object

Instance Method Summary

• #==(other) ⇒ Object
• #as_json ⇒ Hash
• #initialize(content_type:, body_schema:, query_schema:, auth_schema:) ⇒ Schema constructor

  A new instance of Schema.

• #merge(other) ⇒ Aikido::Zen::Request::Schema (also: #|)

  Merges the request specification with another request’s specification.

Constructor Details

#initialize(content_type:, body_schema:, query_schema:, auth_schema:) ⇒ Schema

Returns a new instance of Schema.

# File 'lib/aikido/zen/request/schema.rb', line 36

def initialize(content_type:, body_schema:, query_schema:, auth_schema:)
  @content_type = content_type
  @query_schema = query_schema
  @body_schema = body_schema
  @auth_schema = auth_schema
end

Instance Attribute Details

#auth_schema ⇒ Aikido::Zen::Request::Schema::AuthSchemas (readonly)

Returns:

• (Aikido::Zen::Request::Schema::AuthSchemas)

# File 'lib/aikido/zen/request/schema.rb', line 23

def auth_schema
  @auth_schema
end

#body_schema ⇒ Aikido::Zen::Request::Schema::Definition (readonly)

Returns:

• (Aikido::Zen::Request::Schema::Definition)

# File 'lib/aikido/zen/request/schema.rb', line 17

def body_schema
  @body_schema
end

#content_type ⇒ Symbol^? (readonly)

Returns an identifier for the Content-Type header of the request, if sent.

Returns:

• (Symbol, nil) —

  an identifier for the Content-Type header of the request, if sent.

# File 'lib/aikido/zen/request/schema.rb', line 14

def content_type
  @content_type
end

#query_schema ⇒ Aikido::Zen::Request::Schema::Definition (readonly)

Returns:

• (Aikido::Zen::Request::Schema::Definition)

# File 'lib/aikido/zen/request/schema.rb', line 20

def query_schema
  @query_schema
end

Class Method Details

.build(context = Aikido::Zen.current_context) ⇒ Aikido::Zen::Request::Schema^?

Extracts the request information from the current Context (if configured) and builds a Schema out of it.

Parameters:

• context (Aikido::Zen::Context, nil) (defaults to: Aikido::Zen.current_context)

Returns:

• (Aikido::Zen::Request::Schema, nil)

# File 'lib/aikido/zen/request/schema.rb', line 30

def self.build(context = Aikido::Zen.current_context)
  return if context.nil?

  Request::Schema::Builder.new(context: context).schema
end

.from_json(data) ⇒ Object

# File 'lib/aikido/zen/request/schema.rb', line 55

def self.from_json(data)
  if data.empty?
    return Request::Schema.new(
      content_type: nil,
      body_schema: EMPTY_SCHEMA,
      query_schema: EMPTY_SCHEMA,
      auth_schema: Aikido::Zen::Request::Schema::AuthSchemas.new([])
    )
  end

  content_type = data["body"].nil? ? nil : data["body"]["type"]
  body_schema = data["body"].nil? ? EMPTY_SCHEMA : Aikido::Zen::Request::Schema::Definition.from_json(data["body"]["schema"])
  query_schema = data["query"].nil? ? EMPTY_SCHEMA : Aikido::Zen::Request::Schema::Definition.from_json(data["query"])
  auth_schema = Aikido::Zen::Request::Schema::AuthSchemas.from_json(data["auth"])

  Request::Schema.new(
    content_type: content_type,
    body_schema: body_schema,
    query_schema: query_schema,
    auth_schema: auth_schema
  )
end

Instance Method Details

#==(other) ⇒ Object

# File 'lib/aikido/zen/request/schema.rb', line 93

def ==(other)
  other.is_a?(self.class) &&
    @content_type == other.content_type &&
    @query_schema == other.query_schema &&
    @body_schema == other.body_schema &&
    @auth_schema == other.auth_schema
end

#as_json ⇒ Hash

Returns:

• (Hash)

# File 'lib/aikido/zen/request/schema.rb', line 44

def as_json
  body = {"type" => content_type, "schema" => body_schema.as_json}.compact
  body = nil if body.empty?

  {
    "body" => body,
    "query" => query_schema.as_json,
    "auth" => auth_schema.as_json
  }.compact
end

#merge(other) ⇒ Aikido::Zen::Request::Schema Also known as: |

Merges the request specification with another request’s specification.

Parameters:

• other (Aikido::Zen::Request::Schema, nil)

Returns:

• (Aikido::Zen::Request::Schema)

# File 'lib/aikido/zen/request/schema.rb', line 81

def merge(other)
  return self if other.nil?

  self.class.new(
    content_type: other.content_type,
    body_schema: body_schema.merge(other.body_schema),
    query_schema: query_schema.merge(other.query_schema),
    auth_schema: auth_schema.merge(other.auth_schema)
  )
end